<!DOCTYPE html>
<html>

  <head>
    <meta charset='utf-8' />
    <meta http-equiv="X-UA-Compatible" content="chrome=1" />
    <meta name="description" content="jsrsasign : The 'jsrsasign' (RSA-Sign JavaScript Library) is a open source free pure JavaScript implementation of PKCS#1 v2.1 RSASSA-PKCS1-v1_5 RSA signing and validation algorithm." />

    <link rel="stylesheet" type="text/css" media="screen" href="stylesheets/stylesheet.css">
    <title>JS Certification Authority :)</title>
<!-- for pkcs5pkey -->
<script language="JavaScript" type="text/javascript" src="jsrsasign-latest-all-min.js"></script>
<script language="JavaScript" type="text/javascript">
function doIssue() {
  var f1 = document.form1;

  f1.newcert1.value = "issuing ...";

  // 1. generate TBSCertificate
  var tbsc = new KJUR.asn1.x509.TBSCertificate();
  tbsc.setSerialNumberByParam({'int': parseInt(f1.serial1.value)});
  tbsc.setSignatureAlgByParam({'name': 'SHA1withRSA'});
  tbsc.setIssuerByParam({'str': f1.issuer1.value});  
  tbsc.setNotBeforeByParam({'str': f1.notbefore1.value});
  tbsc.setNotAfterByParam({'str': f1.notafter1.value});
  tbsc.setSubjectByParam({'str': f1.subject1.value});  
  tbsc.setSubjectPublicKeyByParam({'rsapem': f1.pubkey1.value});

  if (f1.bc_exists.checked) {
    var param = {};
    param['critical'] = (f1.bc_critical.checked)? true : false;
    param['cA'] = (f1.bc_ca.checked)? true : false;
    if (f1.bc_pathlen.value != '') {
      param['pathLen'] = parseInt(f1.bc_pathlen.value);
    }
    tbsc.appendExtension(new KJUR.asn1.x509.BasicConstraints(param));
  }

  if (f1.ku_exists.checked) {
    var param = {};
    param['critical'] = (f1.ku_critical.checked)? true : false;
    var sBin = '';
    sBin += (f1.ku_0dsig.checked) ? "1" : "0";
    sBin += (f1.ku_1nonrep.checked) ? "1" : "0";
    sBin += (f1.ku_2keyenc.checked) ? "1" : "0";
    sBin += (f1.ku_3datenc.checked) ? "1" : "0";
    sBin += (f1.ku_4keyagree.checked) ? "1" : "0";
    sBin += (f1.ku_5keycertsign.checked) ? "1" : "0";
    sBin += (f1.ku_6crlsign.checked) ? "1" : "0";
    sBin += (f1.ku_7enconly.checked) ? "1" : "0";
    sBin += (f1.ku_8deconly.checked) ? "1" : "0";
    param['bin'] = sBin;
    tbsc.appendExtension(new KJUR.asn1.x509.KeyUsage(param));
  }

  if (f1.eku_exists.checked) {
    var param = {};
    var a = [];
    param.critical = (f1.eku_critical.checked) ? true : false;
    if (f1.eku_srv.checked)   a.push({name: 'serverAuth'});
    if (f1.eku_cli.checked)   a.push({name: 'clientAuth'});
    if (f1.eku_code.checked)  a.push({name: 'codeSigning'});
    if (f1.eku_email.checked) a.push({name: 'emailProtection'});
    if (f1.eku_time.checked)  a.push({name: 'timeStamping'});
    param.array = a;
    var ext = new KJUR.asn1.x509.ExtKeyUsage(param);
    tbsc.appendExtension(ext);
  }

  if (f1.cdp_exists.checked && f1.cdp_uri.value != '') {
    var param = {};
    param['critical'] = (f1.cdp_critical.checked)? true : false;
    param['uri'] = f1.cdp_uri.value;
    tbsc.appendExtension(new KJUR.asn1.x509.CRLDistributionPoints(param));
  }

  // generate and sign certificate
  var caKey = KEYUTIL.getKey.apply(null, [f1.cakey1.value, f1.cakeypass1.value]);
  var cert = new KJUR.asn1.x509.Certificate({tbscertobj: tbsc,
                                             prvkeyobj: caKey});
  cert.sign();
  f1.newcert1.value = cert.getPEMString();
}
</script>
  </head>

  <body>

    <!-- HEADER -->
    <div id="header_wrap" class="outer">
        <header class="inner">
          <h1 id="project_title">JS Certification Authority</h1>
          <h2 id="project_tagline">This is the world's first test certification authority by pure JavaScript ;)</h2>

          <a href="http://kjur.github.io/jsrsasign/">TOP</a> | 
          <a href="https://github.com/kjur/jsrsasign/tags/" target="_blank">DOWNLOADS</a> | 
          <a href="https://github.com/kjur/jsrsasign/wiki#programming-tutorial">TUTORIALS</a> | 
          <a href="http://kjur.github.io/jsrsasign/api/" target="_blank">API REFERENCE</a> | 
          <a href="http://kjur.github.io/jsrsasign/index.html#demo" target="_blank">DEMOS</a> | 
        </header>
    </div>

    <!-- MAIN CONTENT -->
    <div id="main_content_wrap" class="outer">
      <section id="main_content" class="inner">

<!-- now editing -->
<form name="form1">
<h4>(Step1) Fill CA private key (PEM formatted PKCS#5 RSA key) and passcode</h4>
<textarea name="cakey1" cols="65" rows="6">-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,4626F2E5853E783F

3vFpkrnbantC8RSzng2+jBw/VX95oi0VGKP0G8whENHUOVQXB/YOUSj+n80Y0Wwc
GpeQi8U0FQdWyYv8b9aioeFB06r9t9mJsYscJ/wcIvv5tTMkr89cwN3+4GQQuqNg
TmI9ekeoZ3NP26hTM4XTuFqHx4dzNNwjDLc8txc77WE/o4J4p8k9Py5yPZjs9EKy
wy/yxtqQYQuFj90OMEG1G89iHTZRcq4YTZYdqg6P/XEUvyjifN+7Nym8f2N9TDDn
RJtApPQlrgXvUDQKz6Lu1ZYMwe94E9YdutDGQMbxixbiyxlcxrkb/oEHH5WP5qPG
w/xzh08Ce2Ftba2Q860S8nznjyZFiv+lqSKBahbujgP/63ZL+JbAd4cYBqgm4g1C
YwMhHJbaVCzwYduxdyK2JBYEosDZiDfnOP4DqPhJYpg=
-----END RSA PRIVATE KEY-----</textarea>
<br/>
CA KEY PASSCODE(=hoge): <input type="password" name="cakeypass1" value="hoge" size="0"/> 
<br/>

<!-- ============================================================== -->

<h4>(Step2) Fill Issuing Certificate Fields</h4>
<table>
<tr><td>Serial:</td><td><input type="text" name="serial1" value="76" size="20"/></td></tr>
<tr><td>Issuer DN:</td><td><input type="text" name="issuer1" value="/C=US/O=JS-TEST-CA" size="80"/></td></tr>
<tr><td>Validity:</td><td>
From <input type="text" name="notbefore1" value="130501235959Z" size="20"/>
To <input type="text" name="notafter1" value="230501235959Z" size="20"/>
</td></tr>
<tr><td>Subjec DN:</td><td><input type="text" name="subject1" value="/C=US/CN=Test User1" size="80"/></td></tr>
<tr><td>Subject<br/>Public Key</td><td>
<textarea name="pubkey1" cols="65" rows="3">-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAOtpGHibL8Ue+MXPPufkcrNES40rCT5L
RIU9MjTZ8/7owG5bAsiFA9Xxh3uZK1T5QA64jNJVbp2ojHAtNyWPuwsCAwEAAQ==
-----END PUBLIC KEY-----</textarea><br/>
NOTE: This shall be 'BEGIN PUBLIC KEY', not 'BEGIN RSA PUBLIC KEY'.</td></tr>
<tr><td colspan="2">
Basic Constraints: 
exists<input type="checkbox" name="bc_exists" value="1" checked/>
critical<input type="checkbox" name="bc_critical" value="1" checked/>
cAflag<input type="checkbox" name="bc_ca" value="1"/>
pathLen<input type="text" name="bc_pathlen" size="3"/>
</td></tr>
<tr><td colspan="2">
Key Usage: 
exists<input type="checkbox" name="ku_exists" value="1" checked/>
critical<input type="checkbox" name="ku_critical" value="1"/>
<br/>
<input type="checkbox" name="ku_0dsig" value="1" checked/> digitalSignature(0)
<input type="checkbox" name="ku_1nonrep" value="1"/> nonRepudiation(1)
<input type="checkbox" name="ku_2keyenc" value="1"/> keyEncipherment(2)<br/>
<input type="checkbox" name="ku_3datenc" value="1"/> dataEncipherment(3)
<input type="checkbox" name="ku_4keyagree" value="1"/> keyAgreement(4)
<input type="checkbox" name="ku_5keycertsign" value="1"/> keyCertSign(5)<br/>
<input type="checkbox" name="ku_6crlsign" value="1"/> keyEncipherment(6)
<input type="checkbox" name="ku_7enconly" value="1"/> encipherOnly(7)
<input type="checkbox" name="ku_8deconly" value="1"/> decipherOnly(8)<br/>
</td></tr>
<tr><td colspan="2">
Extended Key Usage:
exists<input type="checkbox" name="eku_exists" value="1"/>
critical<input type="checkbox" name="eku_critical" value="1"/>
<br/>
<input type="checkbox" name="eku_srv" value="1"/> serverAuth
<input type="checkbox" name="eku_cli" value="1"/> clientAuth
<input type="checkbox" name="eku_code" value="1"/> codeSigning
<input type="checkbox" name="eku_email" value="1"/> emailProtection
<input type="checkbox" name="eku_time" value="1"/> timeStamping
</td></tr>
<tr><td colspan="2">
CRL DistributionPoints: 
exists<input type="checkbox" name="cdp_exists" value="1" checked/>
critical<input type="checkbox" name="cdp_critical" value="1"/>
<br/>
URL<input type="text" name="cdp_uri" value="http://test.com/jsca.crl" size="80"/>
</td></tr>
</table>

<h4>(Step3) Press "Issue Certificate" button</h4>
<input type="button" value="Issue Certificate" onClick="doIssue();"/>
<input type="reset" name="reset" value="Reset"/>

<h2>Issued Certificate</h2>
<textarea name="newcert1" cols="65" rows="8"></textarea>

</form>

<!-- now editing -->

      </section>
    </div>

    <!-- FOOTER  -->
    <div id="footer_wrap" class="outer">
      <footer class="inner">
        <p class="copyright">jsrsasign maintained by <a href="https://github.com/kjur">kjur</a></p>
        <p>Published with <a href="http://pages.github.com">GitHub Pages</a></p>
<div align="center" style="color: white">
Copyright &copy; 2010-2012 Kenji Urushima. All rights reserved.
</div>
      </footer>
    </div>

  </body>
</html>
